In 2023, we saw federal, state, and local governments (as well as the private sector) increase spending on cyber security protections.
In response, hackers continue to change tactics to bypass these protections, which includes the utilization of artificial intelligence in their attacks as well as tried and true scams that we as a nation continue to fall for.
Last year, I got an up-close look at one of those scams.
In December, I received a call from someone in the Tallahassee business community (who will remain anonymous). They told me they needed my advice and asked if I had a minute. I dropped what I was doing and listened closely.
Within seven words I told them to STOP, do not continue, do not send money, do not share passwords, cease and desist all communications that you are having online.
Those first seven words were: “So I am about to wire money.”
After they agreed to stand down, I asked for the backstory. This person, who we will call “Bob” received a text from someone who was looking for someone else. The person apologized for the wrong text but kept them talking.
They ended up texting for weeks and he developed a “relationship” with them. This person we will call “Harriet Hacker.”
Harriet first started just texting, but then after sharing lots of personal information, she started sharing pictures. They shared life stories with one another via text and other communication tools while never actually meeting in person.
Harriet then started sharing intimate pictures and said she was falling in love with Bob. Their conversations continued for weeks online in this manner as the con evolved.
Little did Bob know, but Harriet was waiting for the perfect time to strike and rob him blind. One day she struck and told Bob that one of her friends just made a killing in crypto currency and she was thinking about getting involved. She then started sharing stories of easy money-making and soon thereafter Bob asked her how he could get involved.
Harriet asked Bob to send some money to a crypto account that she was nice enough to create; within a month, the investment appeared to triple. Wow, Bob thought. Amazing.
The original ask was a couple of thousand dollars, the fake profit showed the account growing so when Harriet asked for a bigger investment, Bob was all in.
Bob told me that he was about to send her every penny he had but one thing looked off.
It would seem in one of the photos that was sent to him there was a towel in the background with a hotel name on it. He asked if she had been traveling, and she said no. He picked up the phone and called me. He literally had a bank transfer ready, and he was one click away from sending everything he had to her when we were talking. We had him bring the computer to the office and our Information Security Manager, Keith, ran a full diagnostic, changed all passwords, and went about closing those accounts and attempted to get his original $2K back.
The final step proved futile as the account was co-managed by Harriet.
This type of hacking is called “Pig Butchering,” and I am sharing Bob’s story in hopes that we can stop someone else from falling for it by creating awareness of this type of hack/con.
It was first reported in China and was referred to as shāzhūpán. This Chinese phrase means to fatten victims up and take everything they’ve got.
Scams are typically cryptocurrency schemes and can be started via social media or text, with the hacker claiming to have texted you by accident (as in Bob’s case). Once the conversation gets going (after weeks or months) at some point the investment conversation begins with small asks and then profits are shown (usually in a fraudulent app the hackers will ask you to download).
At this point of the con, the digital romance and investment conversations continue concurrently.
Then, after a few weeks of this, the hacker goes in for the kill and asks for a large investment or “whole hog” hence the name pig butchering.
How rampant is this type of crime? NBC Miami reported last year that there were over five billion dollars in losses to this type of crime in 2022. There were tens of thousands of victims according to FBI data they compiled. However, the true picture is most likely much more as victims are embarrassed to come forward in this type of situation.
Data shows that older people are most likely to fall for this type of digital crime so help your family be on the constant lookout for those that might be vulnerable.
In most of these cases, it appears that these are not lone hackers working alone in the basement. There appears to be organized crime involved with so-called pig butchering, forcing victims of human trafficking to do the work of keeping these cons going.
Imagine a hacking farm in Southeast Asia where people are kidnapped and forced to participate in these types of crimes. With a long game con that could last months that certainly explains how hackers can keep dozens or hundreds of these conversations going. Meaning that they use forced labor.
Cyber security tools are critical to your business; endpoint detection and response solutions, two-factor authentication, email attack simulations, password managers, enterprise-level firewalls, up-to-date anti-virus, and network vulnerability scans are a must in the current landscape.
However, they won’t stop this type of crime.
This type of cybercrime is as bad as it gets. It’s ruthless.
With most computer crimes, data is lost, maybe some money, and even large amounts in some instances. But with pig butchering, lives are ruined, fortunes are squandered and there have been reports of suicide from victims who lost everything.
It is up to all of us to stop the people in our lives from giving away their money when someone texts them by accident or wants to be their friend on-line.
Talk to the people at your office and in your family about this type of thing, you may just save someone’s fortune or even their life. If you see this type of crime, try and stop the person from being robbed and then immediately call the FBI.
Happy No Hacking New Year and please be safe out there.
___
Blake Dowling is CEO of Aegis Business Technologies and can be reached at [email protected].
One comment
Dont Say FLA
January 6, 2024 at 12:43 pm
This story is a metaphor for today’s G0P and Super PACs, no?
Comments are closed.